/**
 * This {@link org.cryptomator.ui.keyloading.KeyLoadingStrategy strategy} retrieves the vault key from a web application, similar to
 * <a href="https://datatracker.ietf.org/doc/html/rfc8252#section-7.3">RFC 8252</a> but with an encrypted masterkey instead of an authorization code.
 * <p>
 * If the <code>kid</code> of the vault config starts with either {@value org.cryptomator.ui.keyloading.hub.HubKeyLoadingStrategy#SCHEME_HUB_HTTP}
 * or {@value org.cryptomator.ui.keyloading.hub.HubKeyLoadingStrategy#SCHEME_HUB_HTTPS}, the included http address is amended by three parameters and opened
 * in a browser. These parameters are:
 * <ul>
 *     <li>A device-specific public key (generated by this application and stored among its settings)</li>
 *     <li>A unique device ID (stored in settings)</li>
 *     <li>A loopback callback address</li>
 * </ul>
 * <p>
 * The callback address points to an embedded web server waiting to receive the masterkey encrypted specifically for this device, using the device-specific public key.
 * <p>
 * The vault key can be decrypted using the following ECIES scheme:
 * <ol>
 *     <li>Generate shared secret using ECDH without cofactor</li>
 *     <li>Derive 44 bytes using ANSI X9.63 KDF with SHA256</li>
 *     <li>Decrypt payload via AES-GCM, using first 32 bytes as key, last 12 bytes as IV</li>
 *     <li>No separate MAC check is required, as AES-GCM is an authenticated mode: its tag is verified as part of decryption</li>
 * </ol>
 */
package org.cryptomator.ui.keyloading.hub;